Before carrying out any form of cyberattack, hackers survey their targets for weaknesses. There’s a wealth of information about your business online and criminals will seek to exploit it. This process is called footprinting; it’s a pre-attack exercise that aims to collect and analyse publicly available information about a cybercriminal’s intended target.
Recent high profile hacks have shown that hackers exploit common vulnerabilities using well understood and documented techniques. Every organisation is a target, even those without high value information assets. Cybercriminals will scour the Internet for vulnerable systems and organisations with weak IT security. It is important to identify your weaknesses before cybercriminals do.
Phishing uses social engineering to trick employees into downloading malware or disclosing sensitive information. Fraudulent emails are most common, but cybercriminals also use instant messaging, mobile apps, social networks and SMS text messaging. These attacks frequently succeed because they target users, not technology. Your business is only ever as secure as its least security conscious employee.